Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/huFvRBgnR-s31cbsRFSllhCVD-Y.roa
File: huFvRBgnR-s31cbsRFSllhCVD-Y.roa (raw, json)
Hash identifier: qDg0zquUb2Es1sQSERVGsvinsZ/h4XKo8Wv7ixmrcSo=
Subject key identifier: 86:E1:6F:44:18:27:47:EB:37:D5:C6:EC:44:54:A5:96:10:95:0F:E6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0817E82DF6F60CCA4C1DF09131951DA4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/huFvRBgnR-s31cbsRFSllhCVD-Y.roa
Signing time: Mon 04 Mar 2024 06:12:48 +0000
ROA not before: Mon 04 Mar 2024 06:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:17:e8:2d:f6:f6:0c:ca:4c:1d:f0:91:31:95:1d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 06:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86e16f44182747eb37d5c6ec4454a59610950fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f0:98:8b:73:0c:9c:73:eb:b9:78:a1:14:bb:
d5:0e:d9:ff:3d:7b:25:fc:5b:c4:72:45:b4:4c:28:
f2:d4:a6:d9:13:7e:6c:0e:32:71:17:ab:8b:77:3a:
0d:74:cc:65:a2:8d:42:66:46:6a:34:a5:ea:aa:72:
ba:62:ca:c1:e5:c0:88:60:88:84:e1:08:a8:40:86:
43:33:59:85:51:6e:cc:61:e8:60:8b:23:e9:da:9a:
e4:e1:88:67:29:af:9b:c3:f5:f1:08:2e:ad:67:a5:
ad:af:60:01:0b:5a:e0:44:dc:8c:6f:17:3e:de:61:
ba:89:4b:bd:fa:63:70:02:d4:31:26:1e:f2:16:57:
9d:06:2a:50:54:3e:43:1d:53:4e:d4:f4:a4:24:44:
d7:7b:39:cb:01:13:21:74:3a:f5:1d:fa:87:d7:46:
45:7c:e5:5a:f5:b6:0a:9a:a1:8c:0b:c0:f8:d8:d1:
b0:84:4b:ed:a5:9a:84:b3:96:b8:f0:35:f8:2e:36:
9d:76:4d:64:8e:ad:b0:4c:e9:da:74:a2:6d:3a:60:
8a:52:3f:85:20:65:ef:1f:d1:c2:a7:1d:32:d9:26:
fa:ec:2f:d2:70:db:47:9c:cb:bd:6a:98:db:9a:8d:
4a:4c:9a:58:a9:1e:46:f5:ae:82:15:57:48:77:87:
d1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E1:6F:44:18:27:47:EB:37:D5:C6:EC:44:54:A5:96:10:95:0F:E6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/huFvRBgnR-s31cbsRFSllhCVD-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:8d:bd:0e:c5:19:cb:b1:29:b4:05:90:36:4a:55:32:ce:90:
12:86:7b:f4:42:4a:5c:83:10:c4:43:d6:74:e2:a2:2c:1a:ff:
c6:58:b6:53:7b:87:e2:15:c1:9e:9c:15:82:02:13:81:47:a0:
b1:2a:21:e3:b4:8a:be:80:4a:e1:56:f8:5a:f9:8d:3f:f0:5d:
d1:a2:6f:62:b4:80:28:6c:a1:39:ec:11:70:44:93:c2:d3:7a:
be:d4:9f:56:3f:63:c9:5a:46:dc:35:aa:49:07:96:49:84:3d:
12:6e:bf:73:0e:db:f4:98:9b:60:fb:44:21:de:41:cd:db:5c:
96:21:d6:94:d7:e2:73:d7:f4:bd:c3:7e:73:77:1c:e2:c1:47:
b2:00:a5:da:7b:33:7a:8d:e6:08:15:5e:df:a6:79:57:78:e2:
06:0e:fa:99:cf:4b:ce:51:ae:37:31:0d:23:34:30:70:c6:3d:
97:4b:4e:55:30:92:e9:89:1c:4e:6d:a0:02:5d:39:b3:91:98:
b4:52:11:ce:ef:76:78:94:4e:37:ef:a5:40:fa:5e:db:01:1f:
14:c5:31:1a:f8:3a:ce:11:80:17:0f:8b:23:47:bc:a0:4f:34:
9a:39:ee:39:83:36:bd:4d:37:6d:e2:b7:56:ab:51:57:73:88:
d8:40:3b:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4IF+gt9vYMykwd8JExlR2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MDYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmUxNmY0NDE4Mjc0N2ViMzdkNWM2ZWM0NDU0YTU5NjEwOTUwZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufCYi3MMnHPruXihFLvVDtn/PXsl
/FvEckW0TCjy1KbZE35sDjJxF6uLdzoNdMxloo1CZkZqNKXqqnK6YsrB5cCIYIiE
4QioQIZDM1mFUW7MYehgiyPp2prk4YhnKa+bw/XxCC6tZ6Wtr2ABC1rgRNyMbxc+
3mG6iUu9+mNwAtQxJh7yFledBipQVD5DHVNO1PSkJETXeznLARMhdDr1HfqH10ZF
fOVa9bYKmqGMC8D42NGwhEvtpZqEs5a48DX4Ljaddk1kjq2wTOnadKJtOmCKUj+F
IGXvH9HCpx0y2Sb67C/ScNtHnMu9apjbmo1KTJpYqR5G9a6CFVdId4fRjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbhb0QYJ0frN9XG7ERUpZYQlQ/mMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaHVGdlJCZ25SLXMzMWNic1JGU2xsaENWRC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKKNvQ7FGcuxKbQFkDZK
VTLOkBKGe/RCSlyDEMRD1nTioiwa/8ZYtlN7h+IVwZ6cFYICE4FHoLEqIeO0ir6A
SuFW+Fr5jT/wXdGib2K0gChsoTnsEXBEk8LTer7Un1Y/Y8laRtw1qkkHlkmEPRJu
v3MO2/SYm2D7RCHeQc3bXJYh1pTX4nPX9L3DfnN3HOLBR7IApdp7M3qN5ggVXt+m
eVd44gYO+pnPS85RrjcxDSM0MHDGPZdLTlUwkumJHE5toAJdObORmLRSEc7vdniU
TjfvpUD6XtsBHxTFMRr4Os4RgBcPiyNHvKBPNJo57jmDNr1NN23it1arUVdziNhA
Owk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org